41

I as well received a message from “EdwardN on avast!WEBforum.”

It was obscene, and also seemed to cause popups to continue in these forums displaying that message, even after I’d read it, and it was no longer new.

I agree: if the user database is compromised, please inform us.

42

No, it’s coming from people like me who expect a security company to be, well, aware of security.

I see at the bottom of each page here that the forum is on v1.0.1 of the forum software.
The current release is v1.0.8 it is a critical update.

Which is something basic for administrators, especially where knowledge of security matters should be high…

43

I got one from: JessicaA with the same content. :-\

44

Although I am very pleased with avast! products I have to agree on that!

I see at the bottom of each page here that the forum is on v1.0.1 of the forum software. The current release is v1.0.8 it is a critical update.

Which is something basic for administrators, especially where knowledge of security matters should be high…

45

I think I posted once or twice before here, I just recieved this, what’s going on ???

46

I’m sorry about that it didn’t show that way in my email and I just cut and pasted >:(

47

Well… this was discussed before… and security was not one of the ‘necessary’ changes…
Maybe they did not give speciall attention to the changes.
I can’t find anything here: http://www.simplemachines.org/about/features.php (SMF 1.1 - forum software feature list).
What did really change from 1.0.1 to 1.0.8 ???

48

Site Admin, at least kill the reported accounts that are send this crap out.
I’d take a close look at the logs and at least do a temporary netblock ban on them until you get things straightened out.

49

At least edit/modify your post.

50

Done didn’t realize I could ::slight_smile:

51

You didn’t do a thing… nothing’s done like you mentioned… all links are still alive inside your reply here:

http://forum.avast.com/index.php?topic=24177.msg198646#msg198646

52

well this sucks…

53

Sucks big time, just got mine today. Too bad forum security isn’t as good as their product.

54

Guys, even mods have to sleep.

So:
a) idiots been banned few minutes ago
b) NO DATABASE HAS BEEN COMPROMISED! They simply walked the list of the users and then sent the PMs to them. No direct mailing to stolen emails. Reg database is stored elsewhere, without direct internet access.
c) All newbies were denied from using the PMs.

55

i said this in another thread but i repeat here as it’s more “active”

it could help set min number of posts before user get chance to use PM … let say 25 …
of course sending PM to moderators / admin can anyone with 1+ etc.

should help to prevent this to repeat more often

56

Nice to see security is upgraded. Got my spam 4h before it was upgraded :-\ but as Dwarden says to moderators and admins it shouldn’t be that much.

57

Hi all,

If we had to upload all our pictures through imageshack or whatever filtered, we could stop this.

polonus

58

[b]Below is the full spam MSG., including the INTERNET header. My email pgm flagged it as spam. I still scan all, so I knew the links were phony, and nailed it.

Since the Admin has resolved it, I post only as an addition. If anyone actually followed any of the links as the email requested they were foolish or stupid. Why would (In my Mind) the best FREE and PAY Anti-virus Company send out porn links, since reading the message should have been obvious as to it’s intent.

Since I pasted this, you will note I disabled the PIC that would have been visable as a JPG image and only shows a question mark out of respect to others who may not be so amused.

NOTE: If you did follow any of them, you now have a “key logger” on your system, as my own safe investigation revealed. So expect some more fun from the links you may have accessed.[/b]

John Galt

]“Fools, although they hear, are like the deaf: To them the adage applies that when present they are absent.” —Heraclitus

Received: from sm00.avast.com ([70.84.157.228])
by alnrmxc23.comcast.net (alnrmxc23) with ESMTP
id <20061013010700a23005mon8e>; Fri, 13 Oct 2006 01:07:00 +0000
X-Originating-IP: [70.84.157.228]
Received: from sm00.avast.com (sm00.avast.com [127.0.0.1])
by sm00.avast.com (8.12.11.20060308/8.12.11) with ESMTP id k9D16v0Q007370
for john_galt@comcast.net; Fri, 13 Oct 2006 03:06:57 +0200
Received: (from apache@localhost)
by sm00.avast.com (8.12.11.20060308/8.12.11/Submit) id k9D16vj0007368;
Fri, 13 Oct 2006 03:06:57 +0200
Message-Id: 200610130106.k9D16vj0007368@sm00.avast.com
To: john_galt@comcast.net
Subject: New Personal Message: URGENT MESSAGE FROM ADMIN!!!
From: “avast!WEBforum” webadmin@asw.cz
Date: Fri, 13 Oct 2006 01:06:50 +0000
Content-Type: text/plain; charset=ISO-8859-1

You have just been sent a personal message by EdwardN on avast!WEBforum.

IMPORTANT: Remember, this is just a notification. Please do not reply to this email.

The message they sent you was:

If you have some time check out this COOL pic:
http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRRZBAVPSL.jpg
Also, check out the following website I came across:
http://www.asian-man.com/asianmannew/main.htm
It will knock your socks off!
Next, the below website is thrilling!!!
http://www.aznlover.com
Finally, the following website is the absolute BOMB!!!
http://www.amyandbilly.com
ENJOY!!!

MY PIC: http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRREEKAJPC.jxxxpg

http://pix2.hotornot.com/pics/HU/KM/KY/KU/A8SRREEKAJPC.xxxjpg

Reply to this Personal Message here: http://forum.avast.com/index.php?action=pm;sa=send;f=inbox;pmsg=29362;quote;u=25369

59

you find a lot of members post more then 10x in a week better if it was like a 100 post count then enable it for the members to PM other.

but i really think some low lifer found a hole in the forum scrip and use the PM option to spam a lot of member at once.

60

I have just received the same spam e-mail. It was obvious that it was spam, so I just deleted it. It does not affect my confidence in avast! in any way - I still think it is an excellent piece of software with first class support.

regards,
dafydd